nvd-json-data-feeds/CVE-2006/CVE-2006-61xx/CVE-2006-6133.json

{
  "id": "CVE-2006-6133",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2006-11-28T01:07:00.000",
  "lastModified": "2018-10-17T21:46:50.687",
  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in Visual Studio Crystal Reports for Microsoft Visual Studio .NET 2002 and 2002 SP1, .NET 2003 and 2003 SP1, and 2005 and 2005 SP1 (formerly Business Objects Crystal Reports XI Professional) allows user-assisted remote attackers to execute arbitrary code via a crafted RPT file."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer basado en pila en Visual Studio Crystal Reports para Microsoft Visual Studio .NET 2002 y 2002 SP1; .NET 2003 y 2003 SP1; y 2005 y 2005 SP1 (anteriormente Business Objects Crystal Reports XI Professional) permite a atacantes remotos con la ayuda del usuario, ejecutar c\u00f3digo de su elecci\u00f3n mediante un fichero RPT manipulado."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C",
          "accessVector": "NETWORK",
          "accessComplexity": "HIGH",
          "authentication": "NONE",
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.6
        },
        "baseSeverity": "HIGH",
        "exploitabilityScore": 4.9,
        "impactScore": 10.0,
        "acInsufInfo": false,
        "obtainAllPrivilege": true,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": true
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:businessobjects:crystal_reports_xi:*:*:professional:*:*:*:*:*",
              "matchCriteriaId": "D3E8303D-8050-4CD7-A993-6C96026FFC60"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:visual_studio_.net:2002:*:*:*:*:*:*:*",
              "matchCriteriaId": "8512201F-9350-4892-A20F-80A2C38A530F"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:visual_studio_.net:2002:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "747E3E3A-85C1-4E55-B7F8-C5207F247498"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:visual_studio_.net:2003:*:*:*:*:*:*:*",
              "matchCriteriaId": "F30DA411-416C-45C3-B2A2-E4F3ED7C8F42"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:visual_studio_.net:2003:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "85959AEB-2FE5-4A25-B298-F8223CE260D6"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:visual_studio_.net:2005:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBED7535-0091-4B27-B261-384CEADFE362"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:microsoft:visual_studio_.net:2005:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "F40C30AF-7D70-4FE8-B7D1-F4734F791664"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://securitytracker.com/id?1017279",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.lssec.com/advisories/LS-20061102.pdf",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.securityfocus.com/archive/1/452464/100/0/threaded",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.securityfocus.com/bid/21261",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://www.us-cert.gov/cas/techalerts/TA07-254A.html",
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ]
    },
    {
      "url": "http://www.vupen.com/english/advisories/2006/4691",
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://www.vupen.com/english/advisories/2007/3114",
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-052",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30532",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2055",
      "source": "cve@mitre.org"
    }
  ]
}